Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

@RolesAllowed does not perform a nested membership check in LDAP

istavrakis-JavaNetAug 24 2012 — edited Aug 27 2012
Hi, I have a JEE6 application deployed on Glassfish server.
I'm using a form based authentication using an LDAP realm in glassfish.

I have the following problem, when I use @RolesAllowed("CUSTOMER_READ") annotation the check in LDAP is for direct membership matching not nested matching.
If the CUSTOMER_READ group has the logged in user as member everything is fine,
but if CUSTOMER_READ has a GROUP member B and B has the logged in user the authorization fails.

Does anyone know how to perform nested membership matching with JEE6 annotations on Glassfish?

Any comment will be helpful,
Thanks.

Comments

Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Sep 24 2012
Added on Aug 24 2012
1 comment
469 views